From: Joe Orton <jorton@apache.org>
Date: Mon, 21 Mar 2005 14:27:55 +0000 (+0000)
Subject: Add some missing CVE/CERT references.
X-Git-Tag: 2.0.54~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=081f39e2987a09c3765b5a231f6b1739e2aeef57;p=thirdparty%2Fapache%2Fhttpd.git

Add some missing CVE/CERT references.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@158453 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 63a940a4dc7..6e39c1770c9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1678,7 +1678,8 @@ Changes with Apache 2.0.43
 
 Changes with Apache 2.0.42
 
-  *) mod_dav: Check for versioning hooks before using them.
+  *) SECURITY: CVE-2002-1593 (cve.mitre.org) [CERT VU#406121]
+     mod_dav: Check for versioning hooks before using them.
      [Greg Stein]
 
 Changes with Apache 2.0.41
@@ -2405,7 +2406,8 @@ Changes with Apache 2.0.36
 
   *) Fix AcceptPathInfo. PR 8234  [Cliff Woolley]
 
-  *) SECURITY: Added the APLOG_TOCLIENT flag to ap_log_rerror() to
+  *) SECURITY: CAN-2002-1592 (cve.mitre.org) [CERT VU#165803]
+     Added the APLOG_TOCLIENT flag to ap_log_rerror() to
      explicitly tell the server that warning messages should be sent 
      to the client in addition to being recorded in the error log. 
      Prior to this change, ap_log_rerror() always sent warning